﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Data;
using System.Data.SqlClient;
using DBLayer;

namespace BALayer
{
    public class NguoiDung
    {
        private DAL db = null;

        public NguoiDung()
        {
            db = new DAL();
        }

        public bool DangNhap(string username,string password)
        {
            SqlParameter[] param = new SqlParameter[2];

            param[0] = new SqlParameter("@Username", username);
            param[1] = new SqlParameter("@Password", password);

            DataSet ds = db.ExecuteQueryDataSet("select *" + "from NguoiDung where username=@Username and password=@Password",
                CommandType.Text, param);

            if (ds.Tables[0].Rows.Count > 0)
                return true;

            return false;
        }

        public DataSet DanhSachNguoiDung()
        {
            return db.ExecuteQueryDataSet("select * from NguoiDung", CommandType.Text, null);
        }

        public int ThemNguoiDung(ref string error,String username,String password,String email,String sdt)
        {
            int mand = -1;
            SqlParameter p = new SqlParameter("@Id", DbType.Int32);
            p.Direction = ParameterDirection.Output;

            if(db.ExecuteNonQuery("uspThemNguoiDung", CommandType.StoredProcedure, ref error,
                new SqlParameter("@Username", username),
                new SqlParameter("@Password", password),
                new SqlParameter("@Email", email),
                new SqlParameter("@Sdt", sdt), p))
            {
                mand = Convert.ToInt32(p.Value.ToString());
            }

            return mand;
        }

        public bool XoaNguoiDung(ref string error,String id)
        {
            return db.ExecuteNonQuery("delete from NguoiDung where id='" + id + "'", CommandType.Text, ref error, null);
        }

        public bool CapNhatNguoiDung(ref string error,int id,String username,String email,String sdt)
        {
            return db.ExecuteNonQuery("uspCapNhatNguoiDung", CommandType.StoredProcedure, ref error,
                new SqlParameter("@Id", id),
                new SqlParameter("@Username", username),
                new SqlParameter("@Email", email),
                new SqlParameter("@Sdt", sdt));
        }

        public bool DoiMatKhau(string username,string oldpasswd,string newpasswd)
        {
            bool success = false;
            string error = "";

            SqlParameter p = new SqlParameter("@Success", DbType.Int32);
            p.Direction = ParameterDirection.Output;

            if(db.ExecuteNonQuery("uspDoiMatKhau", CommandType.StoredProcedure, ref error,
                new SqlParameter("@Username", username),
                new SqlParameter("@Oldpasswd", oldpasswd),
                new SqlParameter("@Newpasswd", newpasswd), p))
            {
                if(Convert.ToInt32(p.Value.ToString()) == 1)
                {
                    success = true;
                }
            }
            else
            {
                throw new Exception(error);
            }

            return success;
        }
    }
}
